Praeger Security: Cyber Attacks Should Be Treated as an Act of War

Lamont Colucci
Ripon College

It is surprising that it has taken about 20 years to openly discuss cyber attacks against the United States committed by other nations. The first major attack is often cited as the “Moonlight Maze” attack of 1998, which is believed to have emanated from Russia. It is even stranger that we are debating whether or not these types of attacks are acts of war and aggression. This lackadaisical attitude is perhaps a function not so much of policy attitudes but culture and generational trends. Generation X and Millennials grew up with the Internet primarily as a positive force in their lives. Further, the Internet is seen as amorphous, surreal and lacking in a concrete manifestation. Negative news about the Internet focuses on such issues as identity theft, cyber stalking, and poor social judgment, as countless people engage in negative behavior that may haunt them in later life. This is unfortunate since the Internet dominates most areas of national security and American corporate activity. These foreign nation cyber attacks have become more sensationalized with the North Korean attack against Sony and allegations of Russian intervention in the 2016 election cycle.

The United States must have a clear policy that cyber attacks will be treated as an act of aggression and war viewed no differently than a kinetic attack, or an attack that results in tangible physical damage and or human casualties. In 2011, the Pentagon opened the official door by declaring that “any computer attack that threatens widespread civilian casualties”[1] could be considered an act of war garnering a military response. In an increasing tense atmosphere over the issue, Sen. Mike Rounds in 2016 introduced a bill called the Cyber Act of War Act, which would: “(1) develop a policy for determining when an action carried out in cyberspace constitutes an act of war against the United States, and (2) revise the Department of Defense Law of War Manual accordingly.” In developing this policy, the President shall consider: “(1) the ways in which a cyber attack’s effects may be equivalent to a conventional attack’s effects, including physical destruction or casualties; and (2) intangible effects of significant scope or duration.”[2] However, as critics have noted, this is less of a guideline for the use of force than a demand that any administration makes clear what American policy is toward such an attack.

It is not the purview of this article to discuss non-state actors, but even with state actors, there is a question of attribution: how sure is the United States that a particular state engaged in a cyber attack?[3] For any response policy to exist, the president must force the intelligence community (IC) to possess and maintain the tools to credibly give him positive attribution. The IC will likely resist such pressure but should be reminded that this is the reason the IC exists in the first place. It is highly likely that the IC will claim that they cannot be definite in all cases who the aggressor is; further, they may try to stall by arguing that more time is needed to assess the situation. Like many areas that demand firm answers from the American intelligence services, the IC should be forced to give an assessment and not be allowed to be ambiguous. Its entire reason for existence is to make such judgment calls and analysis. As much as it is important to be sure and prudent, it is equally important to act decisively to prevent major harm to the United States and the American people. This fully recognizes the possibility that a bad actor could attempt to a covert operation designed to make the United States think a national actor engaged in an attack when they did not. This could even be an action by a national actor itself. Perhaps Iran will attempt an attack that appears like the Chinese or the Russians. This is another reason that a declared policy that cyber attacks by national actors will be considered an act of war will inject a needed seriousness on all sides of the equation. It sends a powerful message not only to our own intelligence community but toward potential adversaries that this issue has left the ethereal feelings surrounding the internet and has entered the domain of hard power national security.

Another area directly related to cyber attacks by national actors is the area of cyber espionage. Again, culture has clouded the issue as espionage is still thought of along the old lines of human intelligence and signals intelligence. However, what could once not be achieved by an army of covert operators can now be achieved by an individual or small group of cyber operators. Cyber espionage is one of the most common threats the United States faces at the hands of state actors. This has often been an overlooked area of espionage by the media, and even politicians, as it often focuses on economic and industrial espionage. It is not considered by many of these same politicians or media actors as serious as attacks against the Pentagon’s communication systems, or even for some, as media manipulation. However, this is more of an ongoing threat than any other, and it harms the United States on a daily basis. In light of this, on April 1, 2015, President Barack Obama signed an executive order, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities.”[4] This policy would allow the United States government, through the secretary of the treasury (in consultation with the attorney general and secretary of state) to apply sanctions to individuals or groups that engage in economic espionage. The administration’s test was if the attack created “a significant threat to U.S. national security, foreign policy, or economic health or financial stability of the United States.” Although this was a long overdue step in the right direction, it may again reflect the Obama administration’s instinct to take the minimalist path of least resistance. Economic espionage encompasses everything from stealing to altering to destroying intellectual property or other trade secrets. This can be anything from machine blueprints to software applications to private employee information to chemical formulas. And while defense contractors and military technology top the looting list, everything is fair game: civilian aviation, gaming software, agricultural seeds, pharmaceuticals or car brakes. Naturally, Silicon Valley and corporations such as Microsoft, Google, Apple, HP, and Oracle are top targets. And while the good, old-fashioned spy work of using human intelligence assets and dealing with physical documents is still a reality, foreign agents can now also work remotely, through cyber attacks, malware, viruses and other forms of hacking.

The cost to the American economy and American jobs is staggering. One 2009 estimate pegged losses at $50 billion but BlackOps Partners Corporation, a firm that handles cyber counterintelligence for Fortune 500 companies, estimated in 2013 that the cost was $500 billion from U.S. companies annually.[5][6] Many of the code names of these attacks seem to come out of a Tom Clancy novel: Red October, Flame, Operation Aurora and the Elderwood Project. The aggressors have similarly colorful names: Unit 61398, for example, and Energetic Bear.

These last two were not independent hackers. Unit 61398 is part of China’s People’s Liberation Army while Energetic Bear was widely believed to be supported by Russia. Notice that these are not Russian and Chinese corporations but the governments themselves (indeed, they are the two biggest cyber adversaries of the United States). A 2013 report by the cyber security firm Mandiant estimated that Unit 61398 had hacked into 141 companies.[7] Similarly, a 2014 report by the firm CrowdStrike said that the Russian government had penetrated hundreds of American, European and Asian companies, stealing valuable intellectual property.[8]

One needs to be reminded that these are state actors of the two greatest power threats to United States interests using their intelligence arms to attack U.S. corporations. This is not about sanctions, this is warfare, and it should be treated as such. The Russian cyber attacks against the Estonian Parliament in 2007, the attacks against Georgia in 2008 (which were a prelude to the Russian invasion), and Ukraine continuously, should have served as a clear warning that the future for the United States looks dark if no decisive policy is enacted. Russia and China are the most common sources of national actor attacks against the United States. If these two nations perceive weakness on the America’s part, they will amplify and exploit their attacks progressively.

Although economic cyber espionage is the most common form of state-actor attacks, the question remains as to how the United States should respond to a cyber-attack that seeks to seriously harm our national security infrastructure or population. In May 2017, National Security Agency director Mike Rogers stated, “Advanced states continue to demonstrate the ability to combine cyber effects, intelligence, and asymmetric warfare to maintain the initiative just short of war, challenging our ability to react and respond.”[9] The scenarios of nation-state cyber attacks against the United States are endless: cut down the power grid, hack the major financial institutions, bring down military communications, confuse major transportation and supply chain networks. Many of these attacks may lead to the deaths of tens of thousands, especially those targeting health care and the water and food supply, and can cause mass casualties to the American military. Many national security experts have focused on the catastrophic result should a terrorist group or a rogue nation like Iran or North Korea deliver an electromagnetic pulse (EMP) strike against the United States. An EMP attack by even a single nuclear detonation at high altitude above the surface could destroy electrical power to over 70% of the United States, resulting in casualties on a scale never been seen in warfare.[10] Hypothetical accounts of the days without electric power are terrifying. Lloyds of London and the University of Cambridge’s Centre for Risk Studies analyzed a scenario where an attack on the power grid resulted in a 15-state blackout plunging 93 million people into darkness: “Experts predict it would result in a rise in mortality rates as health and safety systems fail; a decline in trade as ports shut down; disruption to water supplies as electric pumps fail and chaos to transport networks as infrastructure collapses. The total impact to the US economy is estimated at $243 billion, rising to more than $1 trillion in the most extreme version of the scenario.”[11]

However, the same could be achieved via a cyber attack. There needs to be an unambiguous policy whose declaration would include the following: Any major cyber attack against United States’ interests or people will be treated as an attack by any other weapon of mass destruction in the same category as nuclear, chemical, biological, and radiological. It is clear that short of the use of a hydrogen bomb, a major cyber attack will be more severe than any other weapon of mass destruction. The scale of such a cyber attack could be vast and comprehensive.[12] Second, any cyber attack by a state actor will not be governed by the same type response. The United States will use kinetic force to counter or retaliate against a serious cyber attack. In plain language, a state actor that engages in a serious cyber attack against the American power grid will find its own power grid destroyed by cruise missiles. Third, the United States will not be forced into a proportional response if the severity of the attack causes major damage or loss of life.

A serious cyber attack against the United States should be treated in the same way as we treated the potential for a nuclear attack in the 20th century. The United States must respond with the full force of American power and ensure that no nation contemplates this type of aggression.


[1] David Sanger and Elisabeth Bumiller, “Pentagon to Consider Cyberattacks Acts of War,” The New York Times, May 31, 2011.

[2] U.S. Senate Bill 2905, 114th Congress, May 9, 2016.

[3] Dan Gallington, “U.S. Response to Cyber Attacks,” C-Span interview, June 11, 2011.

[4] President Barack Obama, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” The White House, Executive Order, April 1, 2015.

[5] Joshua Philipp, “The Staggering Cost of Economic Espionage Against the US,” The Epoch Times, October 22, 2013.

[6] James Scott and Drew Spaniel, “China’s Espionage Dynasty: Economic Death by a Thousand Cuts,” Institute for Critical Infrastructure Technology, July 17, 2016,

[7] FireEye, Inc., “What About the Plant Floor? Six Subversive Security Concerns for Industrial Environments,” 2017.

[8] Jim Finkle, “Russia hacked hundreds of Western, Asian companies,” Reuters, January 21, 2014.

[9] Dan Boylan, “Mike Rogers, NSA chief, to Senate: Cyberattack on infrastructure ‘worst-case scenario,” The Washington Times, May 9, 2017.

[10] Henry F. Cooper and Peter Vincent Pry, “The Threat to Melt the Electric Grid,” The Wall Street Journal, April 30, 2015,

[11] Lloyds of London and the University of Cambridge Centre for Risk Studies, “Business Blackout,” July 8, 2015.

[12] Quan Hai T. Lu, “Cyber Attacks The New WMD Challenge to the Interagency,” InterAgency Journal 6, 2 (Special Edition, Spring 2015).

Lamont Colucci

Copyright 2018 ABC-CLIO, LLC

This post originally appeared on ABC-CLIO’s Praeger Security International website

This content may be used for non-commercial, course and research purposes only.

MLA Citation:
Colucci, Lamont. “Cyber Attacks Should be Treated As an Act of War.” Praeger Security International, ABC-CLIO, 2018, Accessed 4 Oct. 2018.

Entry ID: 2174723

Praeger Security International: The necessity of a tactical, operational, and strategic response

The American response to the Syrian regime’s use of chemical weapons was a political and moral failure. Ethics and morality are fundamentally based on religious principles. This applies equally to individuals, nations and international systems. We use the term “civilized world” to denote those same human demarcations that use ethics and morality in their decision-making, and those who do not are by default “uncivilized.” Contemporary American culture is bombarded with messages promoting a hazy relativism that is embarrassed by such terms, let alone starker terms like “good” and “evil.” American foreign policy has been equally embarrassed by stark realism that emphasizes only calculated interests or weak liberalism overly obsessed with multilateralism. It is the most unique aspect of American foreign policy that it has always attempted to combine realistic goals with liberal values. This tension created here from the founding of the Republic until today continues to bedevil the nation as it struggles to create a new grand strategy. However, regardless of partisanship, one cannot ignore the dictates of history. The United States was founded on an anti-relativistic vision of absolute natural law where clear markers of good, evil, freedom, and tyranny are severely defined. It is in this broad context that the Syrian regime’s use of chemical weapons must be viewed. There must be a base premise that is absolute: the use of weapons of mass destruction upon innocent civilians is an act of pure evil. The Barack Obama administration’s failure to act upon its own named “red line” was not only a failure of credible American foreign policy but also a violation of natural law that governs civilization. The failure to act signaled that there would be no punishment for the use of weapons of mass destruction and created the vacuum to prolong the Syrian civil war by inviting greater involvement from Russia. It was the darkest hour of American foreign policy during the Obama presidency.

This essay focuses on the American response to the Syrian regime of Bashir Al-Assad’s use of chemical weapons against his own people. Chemical weapons are a separate horror and are part of the classification of weapons commonly referred to as weapons of mass destruction. In this grouping are nuclear, chemical, biological, radiological, and now cyber weapons. The world focuses most of its attention on nuclear, especially the use of a nuclear bomb. Syria was pursuing the nuclear option until that option was decisively ended by the Israeli Air Force. Sometimes referred to as the poor man’s WMD (weapons of mass destruction), chemical weapons are the easiest alternative to nuclear weapons. They are also one of the oldest forms of WMD, chronicled in antiquity in the wars between Athens and Sparta. Chemical weapons had been banned by various western international agreements in 1675, 1874, 1899, 1907, and 1925. They received their greatest attention during and after World War I, responsible for 1.3 million casualties of the most horrific nature—the horror of which was so great that no western power used them against another western power during World War II. They would be used by Benito Mussolini against Ethiopia, by the Nazis in their concentration camps, by Japan against other Asian (especially Chinese) troops, and in the late 20th century by Iraq against Iran and the Kurds. It should be well noted that there is good evidence that the Soviet Union—keeping in mind that Russia is the major backer of the Assad regime—used chemical weapons against its own citizens in 1989 in Georgia and during its invasion and occupation of Afghanistan. In 1993, many nations adopted the Chemical Weapons Convention, with Syria dubiously joining in 2013.

The Syrian civil war began in March 2011, and to be clear, had the United States made a proactive decision to assertively engage with the anti-Assad forces, the enormous casualties and use of chemical weapons would not have happened. No nation has successfully challenged American use or threat of use of hard power. However, the Obama administration made the decision, as it had with the Green Revolution in Iran, and the Arab Spring, in general, to let the vacuum grow. Before the war, the United States intelligence community assessed that Syria had chemical weapons, specifically mustard gas, blister agents, and VX. In July 2012, Syria confirmed ownership of chemical weapons. Obama drew his famous “red line” on August 20 of that same year, declaring “that a red line for us is we start seeing a whole bunch of chemical weapons moving around or being utilized.”

Diplomatic “red lines” come from the story of the Roman who faced off the Seleucid Empire, which was threatening the Roman protectorate of Egypt in 168 BCE. The old consul’s mission was to force the king to return to Syria. After making the Roman demand and being mocked, the Roman responded by drawing a circle in the sand and saying that when the Seleucid king stepped across the line, he had better be marching toward Syria and not Egypt. The king retreated, and the red line was born; history comes full circle in the strangest ways.

By December 6, 2012, the red line was unilaterally shifted in favor of the Assad dictatorship by removing the injunction on the transportation of chemical weapons, as intelligence indicated had already occurred. This is where the red line stood until reports surfaced in January 2013 that the Syrians had already used chemical weapons (specifically Agent 15) against their own population in the city of Homs on December 23, 2012. On March 19, 2013, 26 people were killed in chemical attacks against two Syrian cities. Six days later President Obama stated that this attack was a “game changer.” In the summer it was estimated that more than 1,000 people were killed by chemical attacks. It was only until the end of August that President Obama announced his intention to ask the Congress for an Authorization of Military Force to respond to the attacks with military force, minus ground combat operations. At this moment, history was at the crossroads: it is clear that the Obama administration believed that the Assad regime had used chemical weapons and that this use required an American (unilateral if necessary) military response. On the other hand, rather than utilizing clear constitutional powers as commander-in-chief, the president handed responsibility over to Congress knowing that his Democratic base was opposed to any military action and Republicans would be unhappy with the limitations. Further, many in Congress openly questioned the need to go through Congress at all. It is beyond this article to speculate on the intentions of the administration, but it is clear that had the Obama administration ordered the American military into action, there would have been no hesitation and thousands of lives saved. No action was taken, and the red line, as Senator John McCain suggested, had been written in disappearing ink.

In September and October 2013, the UN and OPCW (Organization for the Prohibition of Chemical Weapons) ordered Syria to destroy its chemical weapons, and with the “help” of Russia, the international community declared victory in this disposal. It is noteworthy that the Assad regime would use chemical weapons on numerous occasions from 2015 through today, including the use of chlorine gas and sarin. The international deal not only gave the Assad regime breathing room internationally, but also served the twin evil purposes of laying out a red carpet for greater Russian intervention and protection from the condemnation for the tens of thousands killed by conventional weapons under the cynical observation that at least those people did not die at the hands of chemical WMD.

Ultimately, the Obama administration engaged in a policy of appeasement. This was not out of character, as it happened in all the major policy decisions regarding Iran, North Korea, Al-Qaeda, ISIS, Libya, Russia, and China. It was more blatant over Syria and will provide future historians with a case study in practical and moral failure. The unwillingness to respond to the chemical attacks was coupled with the Obama administration’s choice to not seriously support the moderate resistance movement in Syria. This led to the rise of the Islamic State group and vacated America’s position in Iraq which allowed the Iranians in.

This context is necessary before anyone can assess the American response to the use of chemical weapons by Syria. However, there are three responses to play: tactical, operational, and strategic. The media and most in the political class focus on the tactical and operational. In line with this limited thinking, the options are manifold: the use of air strikes (manned, unmanned, cruise missiles) to take out the regime’s ability to store, transport, and use chemical weapons. Syrian air defense was less than it is now and a concerted air campaign on a unilateral American timetable would have crippled much of Assad’s ability to continue the use of WMD. A tactical decision such as this would have been far better than any of the responses by the Obama administration. At the operational level, the United States could have added to this the destruction of command and control actors, a psyop to not only undercut the obvious illegitimacy of the regime but to warn those ordered to use chemical weapons that they will be held personally accountable. Special Forces could be used to bolster all of these efforts to gain battlespace advantage. However, neither of these options matter unless the strategic picture is developed. The use of chemical weapons by the Assad regime should have been the final scene, not the opening act. This action should have led the Obama administration to make the decision that the solution to the problem was the removal of the Assad regime from power. In effect, American strategic response was the exact opposite of history. The United States should have openly supported the anti-Assad Syrian and Kurdish forces to remove the Ba’athists from power while using its presence in Iraq to forestall any Iranian and Russian adventurism. The American military would have had to establish no-fly zones and safe zones within the region and proactively crushed any attempt by Islamic extremist like ISIS and Al-Nusra in exploiting the chaos. Many analysts and scholars engage on this topic in either a vacuum or by over-compartmentalization. The solution to chemical weapons use was and is never the chemicals themselves. It is the people who have used them and will continue to do so, through this means or any other to civilians. It has always been a problem of the regime and the type of fascist tyranny the Ba’athists represent, or the type of Bolshevik tyranny to which the Islamic extremists aspire. Any attempt to focus purely on the tactical or operational level is focusing on the symptom and not the disease.

The establishment of a “red line” to act as a clear marker for American foreign policy was done, once done, all American credibility hung in the balance. This “red line” response to the use of chemical weapons necessitated not only a tactical and operational hard power response but also a geostrategic imperative to remove the regime that used chemical weapons in the first place. The American response was muted and resulted in a gross act of appeasement towards a war-criminal regime.